| |  216.239.38.21 | 302 Found | 297 B |
URL User Request GET HTTP/2IP216.239.38.21:443
CertificateIssuerGoogle Trust Services LLC Subjectdominionenergy.zip Fingerprint09:D8:05:F5:E4:1E:AA:46:A8:90:E5:58:42:83:D3:AA:15:3C:3F:9C ValidityMon, 04 Mar 2024 00:17:53 GMT - Sun, 02 Jun 2024 01:09:46 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash884608828ab10b236e1a586cecbfc996 5d07bfaa33dc2a4ee1a6ddc8b127b2d90496d2ea b77ab7ee351de7c4e27ac35251291af8e27151a7b8a8828178d986634667c089
GET / HTTP/1.1
Host: dominionenergy.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks//
date: Thu, 18 Apr 2024 05:38:18 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 297
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// | 141.193.213.11 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/2www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
x-powered-by: WP Engine
expires: Thu, 18 Apr 2024 06:38:10 GMT
x-redirect-by: WordPress
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 3
x-cache-group: normal
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw; path=/; expires=Thu, 18-Apr-24 06:08:19 GMT; domain=.www.ghacks.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87624ed4f8c5b521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2020/11/ghack-logo-menu.png | 141.193.213.11 | 200 OK | 4.7 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2020/11/ghack-logo-menu.png IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeRIFF (little-endian) data, Web/P image Hash529ca77a46f1e149ce81fd1c5bd038c6 a66893d379545af6ddd3b7204c32a71e6a6c3199 5931a8cf7624e0f9b46d05b093fb5a2376c58a3eda52e74138c02180b527eb78
GET /wp-content/uploads/2020/11/ghack-logo-menu.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/webp
content-length: 4678
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5352
content-disposition: inline; filename="ghack-logo-menu.webp"
etag: "654bd8e3-14e8"
last-modified: Wed, 08 Nov 2023 18:52:19 GMT
vary: Accept
cf-cache-status: HIT
age: 261942
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed89b2e0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/05/google-amp_02.jpg | 141.193.213.11 | 200 OK | 78 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2023/05/google-amp_02.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1200x751, components 3 Hash07f3a4bfd7b3d79ddb7b4a3f251abf31 a07c4a3b9d1ce31149f7b4bced33030964d2e24c afdf4a0f2eaa6f72fba670480c99fd8bd45632342e012abd8fe9f5ab4b5ac8c6
GET /wp-content/uploads/2023/05/google-amp_02.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 77811
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=83942
etag: "654bd8b3-147e6"
last-modified: Wed, 08 Nov 2023 18:51:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 210398
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed89b300afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.webp | 141.193.213.11 | 200 OK | 1.9 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.webp IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 235x51, Scaling: [none]x[none], YUV color, decoders should clamp Hash41926b99191b448707764362cd435e60 ddde62391af0241aec95ed172373bf3fa2d3c46a b6bf4f0fc4ce6aec190d2a66ae9302b3bf67b116b44342972289b8cd04e3d2ff
GET /wp-content/uploads/2005/10/ghacks-technology-news.webp HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/webp
content-length: 1948
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: "654bda54-79c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 257771
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed89b340afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg | 141.193.213.11 | 200 OK | 224 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, progressive, precision 8, 1200x800, components 3 Size224 kB (223752 bytes) Hashd0ecc959148dfc251676b1f3bb81473a 8377ee1f920694d25eb699616faac4b4e03caa4e 46ff9b2281e7ca80920ac790bee565f5665ea1b87b569181bb36882b6039cfb3
GET /wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 223752
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=252600
etag: "661cb922-3dab8"
last-modified: Mon, 15 Apr 2024 05:20:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 260225
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed89b360afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg | 141.193.213.11 | 200 OK | 81 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x801, components 3 Hash5ca9851d57d4a1b322d9c9c9dc09eac7 33c11808d28bb2e9fb20c853836d2d920daa04b7 fd6e88fcd78d2296406279adb65f4ec51220e788eee0ee5497f5312157b49997
GET /wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 81182
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=90301
etag: "65ee9f82-160bd"
last-modified: Mon, 11 Mar 2024 06:06:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261554
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed89b370afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg | 141.193.213.11 | 200 OK | 59 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x828, components 3 Hashb05213945a64f99030ed8dbaed5274d7 5f2c357ae61868aa529c940543ccee44a8838678 39c72f8478154a7eeaacdc5f2551b3d59bdc2c3809a0f6dfed182d0309800cfb
GET /wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 59007
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=69012
etag: "65c9a984-10d94"
last-modified: Mon, 12 Feb 2024 05:15:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261554
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8ab390afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/03/malwarebytes-5.png | 141.193.213.11 | 200 OK | 134 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/03/malwarebytes-5.png IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeRIFF (little-endian) data, Web/P image Size134 kB (133884 bytes) Hash81de53c4fe536e66f067773770264818 736e5b48335a4e0bcf66b9ce4efeb04135b06a23 fb07bd1905b07345d5a993ad01ab37812b34f4402d883959200cbd6ad38f8336
GET /wp-content/uploads/2024/03/malwarebytes-5.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/webp
content-length: 133884
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=181930
content-disposition: inline; filename="malwarebytes-5.webp"
etag: "65e6f562-2c6aa"
last-modified: Tue, 05 Mar 2024 10:35:14 GMT
vary: Accept
cf-cache-status: HIT
age: 253642
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed89b380afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg | 141.193.213.11 | 200 OK | 410 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, progressive, precision 8, 1200x857, components 3 Size410 kB (409787 bytes) Hash8acb5c60569d8386d579a7984ef23990 04fdae2255a42aaa3d0b872d105a48d880ebd29a 7623c1d41bf059d221f74630150427b0fedc8d4abbe07f9b997d0c5c239f9563
GET /wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 409787
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=456158
etag: "65c07f7a-6f5de"
last-modified: Mon, 05 Feb 2024 06:26:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261554
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8bb480afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg | 141.193.213.11 | 200 OK | 68 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x800, components 3 Hash56bd3ba4b2999f1a7564638f5f03529c 2229bdaa6917b6ba3293e89f90125d653678cccd a93eb535d6d2a0be0c434a21d2d930afab75fc5f50fa3e880e40effeefe7627a
GET /wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 67966
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=75468
etag: "65a95084-126cc"
last-modified: Thu, 18 Jan 2024 16:23:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 257771
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8bb490afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/03/youtube-overlay-ads.jpg | 141.193.213.11 | 200 OK | 93 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2023/03/youtube-overlay-ads.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x801, components 3 Hash424e898bcad1ec5c60a0b57c8792b59a 659fb2c7c1effde8f04e7cdfa4ea50cf41916144 661613b8d40833a1c6469cf7abe5769087bcd9543d99ed11e70cd38e2abf8ac9
GET /wp-content/uploads/2023/03/youtube-overlay-ads.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 93290
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=96805
etag: "654bd8c3-17a25"
last-modified: Wed, 08 Nov 2023 18:51:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 173636
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8bb4a0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/05/microsoft-phishing-zip.png | 141.193.213.11 | 200 OK | 195 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2023/05/microsoft-phishing-zip.png IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typePNG image data, 1173 x 633, 8-bit/color RGB, non-interlaced Size195 kB (194628 bytes) Hash5b5721bbfdca1406e738116fad0fed0b 19a0d5a69b70b0dba7f7680ee832de26c3a4b809 29d5ab51a91ff4ceb4b0159c7d148d8a8dc6e231777fcc36194a5dc2be3a5863
GET /wp-content/uploads/2023/05/microsoft-phishing-zip.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/png
content-length: 194628
last-modified: Wed, 08 Nov 2023 18:51:32 GMT
etag: "654bd8b4-2f844"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed89b310afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg | 141.193.213.11 | 200 OK | 283 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, progressive, precision 8, 1200x800, components 3 Size283 kB (283351 bytes) Hashed3c9b7207420906ae33273a8ddcbe3f 6884948c2dbd858c3ea0f214ea2c4bd5676a62b2 35eaa364539cb55b67861801e0bd9b4bc691c7198b1be8d585f05e38a832a5cd
GET /wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 283351
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=306779
etag: "65aa11db-4ae5b"
last-modified: Fri, 19 Jan 2024 06:08:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261679
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8bb4b0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg | 141.193.213.11 | 200 OK | 26 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x675, components 3 Hashfa56fbf0f90b4e67f31da67fab67f849 094074474786c02ec09d61a2a0a3be94025d7669 4fa5fb28521342d00a510235305ad0934debab6775813f3af98bdb68003077f0
GET /wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 25524
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=31987
etag: "661e4ca0-7cf3"
last-modified: Tue, 16 Apr 2024 10:02:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 156056
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8bb4c0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg | 141.193.213.11 | 200 OK | 91 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x800, components 3 Hash4c9a7b2fb5e42b0daa9b3d4e261e47af 1fad98077c471b361e68ee27644c84ef621ac681 fe874a387810041328a72df62c42890597e6cd4cece35f2e7e88f604adb008a9
GET /wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 91434
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=94325
etag: "66209cd0-17075"
last-modified: Thu, 18 Apr 2024 04:08:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2629
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8bb4f0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/windows-10-a-new-journey-with-windows-scaled.jpg | 141.193.213.11 | 200 OK | 84 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/windows-10-a-new-journey-with-windows-scaled.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x675, components 3 Hashe7a5159d8995059b8b1ee0b25ba560e1 3d4b91f86512b5c2ff25856548e87a38d54dfa60 4a4985431cf09fc1ed36766c963267008ea107f82014236d7e7baaeab0864836
GET /wp-content/uploads/2024/04/windows-10-a-new-journey-with-windows-scaled.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 83522
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=89553
etag: "6618affa-15dd1"
last-modified: Fri, 12 Apr 2024 03:52:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261554
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8cb5b0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-6DL3S186WS | 142.250.74.168 | 200 OK | 86 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-6DL3S186WS IP142.250.74.168:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Hash32bdc3a72b8d70ccf6afb747fbc9af87 cd2a908822682c7988a56fd6b03c3a2aafd5a418 0110bc79e6699fe2a2d7c727dc16da97de3f82160214b57a65dcde31ddcd8837
GET /gtag/js?id=G-6DL3S186WS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 05:38:19 GMT
expires: Thu, 18 Apr 2024 05:38:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86159
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2024/04/rodion-kutsaiev-0VGG7cqTwCo-unsplash.jpg | 141.193.213.11 | 200 OK | 224 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/rodion-kutsaiev-0VGG7cqTwCo-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, progressive, precision 8, 1200x800, components 3 Size224 kB (223794 bytes) Hashf7ccd1a8f6ee6b16258a40ab50eb49aa 7af7c0d9f72a347f75725c0a380c4e89a2e36bee a591635474d46698d899246a4728997693e4a5cba41130c32b1a07dec0acd55c
GET /wp-content/uploads/2024/04/rodion-kutsaiev-0VGG7cqTwCo-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 223794
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=242915
etag: "6617dcaa-3b4e3"
last-modified: Thu, 11 Apr 2024 12:50:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261554
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8cb5c0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Proton-acquires-encrypted-note-taking-app-Standard-Notes.jpg | 141.193.213.11 | 200 OK | 20 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/Proton-acquires-encrypted-note-taking-app-Standard-Notes.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x600, components 3 Hashd25f5f5361d468f21955f42880d44f06 ac9c2416f02ea1ba88d2ab092f86185d1bc5fd65 c036c8fadf554fa4ef70fefd23bbdca3d2b74168dce126d0a1e4cba960776b2b
GET /wp-content/uploads/2024/04/Proton-acquires-encrypted-note-taking-app-Standard-Notes.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 20053
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=27035
etag: "66174e36-699b"
last-modified: Thu, 11 Apr 2024 02:43:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261554
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8cb5e0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg | 141.193.213.11 | 200 OK | 478 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, progressive, precision 8, 1200x800, components 3 Size478 kB (477863 bytes) Hash655d08cf6d96a363e39c465dac10190f a3bdea8f139718bf47497e04d9a333d14a2cfa9f ec60f80cd5c197f9b81538bd10f38084a91066faea759c879d5673d68808b99f
GET /wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 477863
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=535385
etag: "66167e38-82b59"
last-modified: Wed, 10 Apr 2024 11:55:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261554
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8cb5f0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg | 141.193.213.11 | 200 OK | 265 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJPEG image data, progressive, precision 8, 1200x799, components 3 Size265 kB (264740 bytes) Hash8cbfde1dabbf6353242204fb36efaea4 f2368204588944a6da3bb8d8339d9b03ad1a3989 e0383d956b4ba021221c00ceb187cd3a46b7095b2b0ee4a498881e4391b7ebfa
GET /wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: image/jpeg
content-length: 264740
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=289019
etag: "654bd8a6-468fb"
last-modified: Wed, 08 Nov 2023 18:51:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 261554
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ed8cb600afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK | 142.250.74.168 | 200 OK | 73 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK IP142.250.74.168:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (2165) Hash7f1011cd578e035a04c1fb2aadb84e6d 578b87b9248222a94b7ba318c2916a15650f9b84 bbbd635a58474637a2bdd05c5447422ef6f123e6ae1f1a0c46254e8a117bb36c
GET /gtm.js?id=GTM-NHW6RDK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 05:38:20 GMT
expires: Thu, 18 Apr 2024 05:38:20 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 | 151.101.193.91 | 200 OK | 54 kB |
URL GET HTTP/2spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 IP151.101.193.91:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subject*.revampcdn.com FingerprintE5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58 ValidityTue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashfdbdfe09e1d69ce604e714d57b65179d ac9f2bdfc3b28883518a73a2de7e497aed7e9f60 7f5c42b5ed5df9af58004ff207e8fb7b3969c2a8a491eeb02c882a3bb4643a1d
GET /publishers/ghacks.js?modern=1 HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"e67a581386fc7c32dc44eaafa024a877"
x-version: 1.1369.0
x-request-id: 99e6f74a-48ac-48b0-aede-cf869f29d667
content-encoding: br
x-envoy-upstream-service-time: 246
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 56819
date: Thu, 18 Apr 2024 05:38:20 GMT
x-served-by: cache-ams21024-AMS, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 94, 0
x-timer: S1713418700.126572,VS0,VE1
vary: Accept-Encoding,x-device-platform,x-platform-id
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53944
X-Firefox-Spdy: h2
|
|
| polyfill.io/v2/polyfill.min.js?features=fetch |  104.18.51.3 | 200 OK | 43 kB |
URL GET HTTP/2polyfill.io/v2/polyfill.min.js?features=fetch IP104.18.51.3:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerSectigo Limited Subject*.polyfill.io Fingerprint19:AA:59:2F:D9:8A:C1:48:99:20:3C:64:45:4E:E5:A6:1D:E4:92:0C ValidityTue, 20 Feb 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (61744) Hashd40e1613ec4786a3520af67f977595c4 07534b493c205bc380af477c161694bbb097a6ac 374ff32e83699f5991e727573b41a088f6960579aeadd5fc8c45746a0722ec2d
GET /v2/polyfill.min.js?features=fetch HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 87624edb2a9b0b61-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 194681
cache-control: public, max-age=14400
content-encoding: gzip
expires: Thu, 18 Apr 2024 09:38:20 GMT
last-modified: Mon, 15 Apr 2024 23:33:39 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET,HEAD,OPTIONS
server: cloudflare
X-Firefox-Spdy: h2
|
|
| spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 | 151.101.193.91 | 200 OK | 0 B |
URL GET HTTP/2spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 IP151.101.193.91:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subject*.revampcdn.com FingerprintE5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58 ValidityTue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /publishers/ghacks.js?modern=1 HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"e67a581386fc7c32dc44eaafa024a877"
x-version: 1.1369.0
x-request-id: 99e6f74a-48ac-48b0-aede-cf869f29d667
content-encoding: br
x-envoy-upstream-service-time: 246
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 05:38:20 GMT
age: 56819
x-served-by: cache-ams21024-AMS, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 94, 1
x-timer: S1713418701.557666,VS0,VE1
vary: Accept-Encoding,x-device-platform,x-platform-id
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53944
X-Firefox-Spdy: h2
|
|
| spn-v1.revampcdn.com/prebid/ghacks/prebid-client.js | 151.101.193.91 | 200 OK | 95 kB |
URL GET HTTP/3spn-v1.revampcdn.com/prebid/ghacks/prebid-client.js IP151.101.193.91:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subject*.revampcdn.com FingerprintE5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58 ValidityTue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash6fe998004865d8df29810f9f9c99d069 e4bc671256f0a492a9a79b148a5f581eeebacf20 bc715a89f3d916764ab7c6905575e173630d4a34ddac214a2636b338f39ed04b
GET /prebid/ghacks/prebid-client.js HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 94855
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"a4c2abd021337f1267c6eca65f514d09"
x-version: 1.1370.0
x-request-id: cdfb5927-07dc-486a-b834-c6f8547b3bf5
content-encoding: br
x-envoy-upstream-service-time: 108
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 0
date: Thu, 18 Apr 2024 05:38:20 GMT
x-served-by: cache-ams21030-AMS, cache-hel1410022-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1713418700.422890,VS0,VE154
vary: Accept-Encoding,x-country-code,x-device-platform
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| notix.io/settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 |  139.45.197.227 | 200 OK | 108 B |
URL GET HTTP/2notix.io/settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 IP139.45.197.227:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectnotix.io Fingerprint3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B ValiditySat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
Hashc2e526b87becea70e84e59e6140c1667 d81024ed28402da62f33d0c87a0502edae040086 6bf0a4f3020094b5acbfbec37adcfe72560f05e78022b8d60c42bdf8160317d3
GET /settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: application/json; charset=utf-8
content-length: 108
access-control-allow-origin: https://www.ghacks.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| btloader.com/tag?o=5633429348548608&domain=ghacks.net&upapi=true | 104.22.75.216 | 200 OK | 18 kB |
URL GET HTTP/2btloader.com/tag?o=5633429348548608&domain=ghacks.net&upapi=true IP104.22.75.216:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectbtloader.com Fingerprint70:F7:F9:F7:42:5B:08:2E:94:58:BB:71:DF:F9:4D:8C:F5:09:57:DA ValiditySun, 14 Apr 2024 06:05:01 GMT - Sat, 13 Jul 2024 06:05:00 GMT
File typeJavaScript source, ASCII text, with very long lines (54911) Hashb96762e78303d9314b0e838800d019ce b2e55af9eaa825ee423f0f537d34b734513b0973 9c4b05fbc6e4b19865cc1872ed46d47dec5f9965c02e5febb3a8ea0278d1e64d
GET /tag?o=5633429348548608&domain=ghacks.net&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: application/javascript
content-length: 18338
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "bc0c9ebf1a38ece79381fa4ccfa16bf6"
last-modified: Thu, 18 Apr 2024 04:40:54 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 3373
accept-ranges: bytes
server: cloudflare
cf-ray: 87624edf9cc3930e-CPH
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/favicon.ico | 141.193.213.11 | 200 OK | 0 B |
URL GET HTTP/3www.ghacks.net/favicon.ico IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw; rv_prebid_position=380; rv_test_position=747; rv_fp_ad_session_id=0ed6f7ae-cbe1-47bd-8bc3-3fc666291bfc; rv_fp_pv=1; _ga_6DL3S186WS=GS1.1.1713418700.1.0.1713418700.0.0.0; _ga=GA1.1.1486426635.1713418701; _dd_s=rum=2&id=fc0565c6-409b-409c-ad7d-1dd3342ae82a&created=1713418700615&expire=1713419600615; didomi_token=eyJ1c2VyX2lkIjoiMThlZWZiNjgtN2M1Mi02ZmFiLWIyNjktZjk2NTVmOTcyMTc3IiwiY3JlYXRlZCI6IjIwMjQtMDQtMThUMDU6Mzg6MjAuNzQxWiIsInVwZGF0ZWQiOiIyMDI0LTA0LTE4VDA1OjM4OjIwLjc0M1oiLCJ2ZXJzaW9uIjpudWxsfQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: image/x-icon
content-length: 0
last-modified: Thu, 11 Apr 2024 23:01:40 GMT
etag: "66186bd4-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 261925
accept-ranges: bytes
server: cloudflare
cf-ray: 87624ee008500afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ad-delivery.net/px.gif?ch=2 | 172.67.69.19 | 200 OK | 43 B |
URL GET HTTP/2ad-delivery.net/px.gif?ch=2 IP172.67.69.19:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectad-delivery.net Fingerprint03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18 ValidityTue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hashad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 430008
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gsr8RHIJo0nAaDF9q2ZRmrYntM2pgLsPmjJPDZXZ2xBsvb%2FPBngjrWxxlclvKXOB1yXtLpN0NDTtm%2BZlgvTgNFvjIkEfN2MsyWNww5nJT7%2BChia7Us2bLYZP3H9uJmB%2BsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624ee0a877568d-OSL
X-Firefox-Spdy: h2
|
|
| ad-delivery.net/px.gif?ch=1&e=0.7253925577115657 | 172.67.69.19 | 200 OK | 43 B |
URL GET HTTP/2ad-delivery.net/px.gif?ch=1&e=0.7253925577115657 IP172.67.69.19:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectad-delivery.net Fingerprint03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18 ValidityTue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hashad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.7253925577115657 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 430008
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfFjxZYLynmofBcXcRx4QGiA4aX76HFrzA2hMkFZF4KVrCCO6Th0%2FSdhsv1NMOsJ8yaZAglUq%2FrCXo%2FrA8Abssq0659bwHzyIW8tinI2Q4PR104xAHE%2ByyTsqvNi0ZaNxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624ee0a87a568d-OSL
X-Firefox-Spdy: h2
|
|
| sdk.privacy-center.org/sdk/0ba2e67e736e144a6d03110fc550c8374e639cab/modern/ui-gdpr-en-web.0ba2e67e736e144a6d03110fc550c8374e639cab.js | 54.230.111.89 | 200 OK | 56 kB |
URL GET HTTP/3sdk.privacy-center.org/sdk/0ba2e67e736e144a6d03110fc550c8374e639cab/modern/ui-gdpr-en-web.0ba2e67e736e144a6d03110fc550c8374e639cab.js IP54.230.111.89:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerAmazon Subject*.privacy-center.org Fingerprint1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B ValiditySun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65419) Hash8102d03e578e797b25db9b4695395a6c 65bd1070a30a2367a6cc0c77fc374fcccea2dd7c 860d71a05ad08eeb5b40b50b80aae8ceb25f612c0b7d535a2326e1180d5f57e8
GET /sdk/0ba2e67e736e144a6d03110fc550c8374e639cab/modern/ui-gdpr-en-web.0ba2e67e736e144a6d03110fc550c8374e639cab.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 69035
date: Wed, 17 Apr 2024 10:27:46 GMT
last-modified: Wed, 17 Apr 2024 10:27:20 GMT
etag: W/"3ccb756c7f3f362007ff82133ba57a20-1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5TA3pAyzhhmWupC3-HJHkH4Zi433evfrVj59ZzF7gV-WvJksP3c-1g==
|
|
| imasdk.googleapis.com/js/sdkloader/ima3.js?ver=1 | 142.250.74.106 | 200 OK | 138 kB |
URL GET HTTP/2imasdk.googleapis.com/js/sdkloader/ima3.js?ver=1 IP142.250.74.106:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeJavaScript source, ASCII text, with very long lines (2042) Size138 kB (137590 bytes) Hash6b768f9a8ae41363d83fea0744d1a23b 728464f80764022db06bf578aceb1376e3a8656c c77c7fd724aa3cdea7658f1c56790cb2586867c498ab785cdd21b4942a80784e
GET /js/sdkloader/ima3.js?ver=1 HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 137590
date: Thu, 18 Apr 2024 05:38:20 GMT
expires: Thu, 18 Apr 2024 05:38:20 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/readaloud/player/web/api/js/api.js?ver=1 | 142.250.74.35 | 200 OK | 181 kB |
URL GET HTTP/2www.gstatic.com/readaloud/player/web/api/js/api.js?ver=1 IP142.250.74.35:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (5280) Size181 kB (180715 bytes) Hash1f1319b651c980800276fe55eb86b8f5 0a1c600cfa3596686e6d564f5e38cbdc3b6d047a 8fdb846f4a09e6e57c84908277101c3878d9f3eec18f3c3408a68aedc16b8cb9
GET /readaloud/player/web/api/js/api.js?ver=1 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="speakr"
report-to: {"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
content-length: 180715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 05:38:20 GMT
expires: Thu, 18 Apr 2024 06:28:20 GMT
cache-control: public, max-age=3000
last-modified: Sun, 10 Mar 2024 09:27:38 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=b6e48267-9466-44b2-ad95-e6f23364bf57&batch_time=1713418700815 | 3.233.153.123 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=b6e48267-9466-44b2-ad95-e6f23364bf57&batch_time=1713418700815 IP3.233.153.123:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hash862ba25d3987a587d43b62db2d719577 6e9afe7abe728dcd8d789f111789045afe060d41 755794327f7220f6aac951fb36adc4cbca8041f00495e58693904d12ae73b74b
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=b6e48267-9466-44b2-ad95-e6f23364bf57&batch_time=1713418700815 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16140
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Thu, 18 Apr 2024 05:38:21 GMT
content-type: application/json
content-length: 53
dd-request-id: b6e48267-9466-44b2-ad95-e6f23364bf57
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=fea6c2d9-0bd0-4469-96fa-7d495c67e0df&batch_time=1713418700843 | 3.233.153.123 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=fea6c2d9-0bd0-4469-96fa-7d495c67e0df&batch_time=1713418700843 IP3.233.153.123:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hash648e91857d493d3d690a8cb4fc4dcb7d 1845d35168529c4cbdb9b1139804e6957882e87f 863c18a332c95aa6711d7eb8519752513b8b28886c8a002fe32542ea27f6dd5d
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=fea6c2d9-0bd0-4469-96fa-7d495c67e0df&batch_time=1713418700843 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15901
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Thu, 18 Apr 2024 05:38:21 GMT
content-type: application/json
content-length: 53
dd-request-id: fea6c2d9-0bd0-4469-96fa-7d495c67e0df
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| api.btloader.com/country?o=5633429348548608 | 130.211.23.194 | 200 OK | 37 B |
URL GET HTTP/2api.btloader.com/country?o=5633429348548608 IP130.211.23.194:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectapi.btloader.com Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hashbdfe458835550c34f45fc9fdfeebb12a 0f08aa02e7bcbf4c5e991a5defb2fdbd03a86f3d ad26ec64cc613fbfbd47faaf39f9921c2b19769bde1d3c5c2857a671e7863cf9
GET /country?o=5633429348548608 HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Thu, 18 Apr 2024 05:38:21 GMT
content-length: 37
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/pv?tid=bld0MwdO2G&w=5874461553721344&o=5633429348548608&cv=2.1.41&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=EtuN1gNe0p&pm=true&upapi=true | 130.211.23.194 | 204 No Content | 0 B |
URL GET HTTP/2api.btloader.com/pv?tid=bld0MwdO2G&w=5874461553721344&o=5633429348548608&cv=2.1.41&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=EtuN1gNe0p&pm=true&upapi=true IP130.211.23.194:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectapi.btloader.com Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=bld0MwdO2G&w=5874461553721344&o=5633429348548608&cv=2.1.41&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=EtuN1gNe0p&pm=true&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Thu, 18 Apr 2024 05:38:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c5320930-4203-4e19-84bf-ebce3950a71a&batch_time=1713418700830 | 3.233.153.123 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c5320930-4203-4e19-84bf-ebce3950a71a&batch_time=1713418700830 IP3.233.153.123:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hashbae7b416d9748059f9d96a8183ed0aeb f246435be5b0174ae14efc3cf5c3054d91e5b13d f92f18429b70feba3d6d399b861412eee56167cad37cad8675b24d70b7f46fe2
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c5320930-4203-4e19-84bf-ebce3950a71a&batch_time=1713418700830 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15925
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Thu, 18 Apr 2024 05:38:21 GMT
content-type: application/json
content-length: 53
dd-request-id: c5320930-4203-4e19-84bf-ebce3950a71a
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=54f9ba55-980c-4ff1-98fd-c248a267917b&batch_time=1713418700824 | 3.233.153.123 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=54f9ba55-980c-4ff1-98fd-c248a267917b&batch_time=1713418700824 IP3.233.153.123:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hash77cef0e3551c28594480457987706c93 177bd0ce9835b88f007cfda45b70ccab91979c4b 8fb0f624cf0206bdc63946114c7a4a0c60bd0a87abb86f23b60b2adacf35cd9b
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=54f9ba55-980c-4ff1-98fd-c248a267917b&batch_time=1713418700824 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16216
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Thu, 18 Apr 2024 05:38:21 GMT
content-type: application/json
content-length: 53
dd-request-id: 54f9ba55-980c-4ff1-98fd-c248a267917b
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=ca229e01-1b97-492c-86b4-94093749339e&batch_time=1713418701560 | 3.233.153.123 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=ca229e01-1b97-492c-86b4-94093749339e&batch_time=1713418701560 IP3.233.153.123:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hash87b702dc08f8c88b1a179c36c74766b8 5db55a7480e8f48a45be63d2f811642c0f54b944 8bf6d639f8bf1932e0bda542a58d755b17c79551845600949ef897abe50fa361
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1369.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=ca229e01-1b97-492c-86b4-94093749339e&batch_time=1713418701560 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15547
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 202 Accepted
date: Thu, 18 Apr 2024 05:38:21 GMT
content-type: application/json
content-length: 53
dd-request-id: ca229e01-1b97-492c-86b4-94093749339e
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php |  162.19.96.13 | 200 OK | 86 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP162.19.96.13:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl13.k8s.mrf.io FingerprintF8:F3:2D:94:77:87:B5:6F:BF:63:1D:58:8B:32:3D:92:8E:24:63:38 ValidityMon, 11 Mar 2024 14:49:26 GMT - Sun, 09 Jun 2024 14:49:25 GMT
Hasha11cb9e4896c278cd189ffb9789da066 465a668593ed60b4cee5d2ece09c5cd0b346008b c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 841
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 18 Apr 2024 05:38:26 GMT
content-length: 86
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 162.19.96.13 | 200 OK | 86 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP162.19.96.13:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl13.k8s.mrf.io FingerprintF8:F3:2D:94:77:87:B5:6F:BF:63:1D:58:8B:32:3D:92:8E:24:63:38 ValidityMon, 11 Mar 2024 14:49:26 GMT - Sun, 09 Jun 2024 14:49:25 GMT
Hasha11cb9e4896c278cd189ffb9789da066 465a668593ed60b4cee5d2ece09c5cd0b346008b c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 847
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 18 Apr 2024 05:38:26 GMT
content-length: 86
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/recirculation.php | 162.19.96.13 | 200 OK | 12 B |
URL POST HTTP/2events.newsroom.bi/recirculation.php IP162.19.96.13:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl13.k8s.mrf.io FingerprintF8:F3:2D:94:77:87:B5:6F:BF:63:1D:58:8B:32:3D:92:8E:24:63:38 ValidityMon, 11 Mar 2024 14:49:26 GMT - Sun, 09 Jun 2024 14:49:25 GMT
Hashaf472541e2d2b40737f6e7e9b55de6c7 9c9e4af771378e62f91a9f74b3f5696228c4167b a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
POST /recirculation.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2968
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 18 Apr 2024 05:38:31 GMT
content-length: 12
x-envoy-upstream-service-time: 2
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=6c364edb-07f9-4772-8d2c-b2a87b48e820&fvst=1713418701&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=10&sid=2544&useg=&utyp=0&vfrq=6 | 104.21.50.90 | 200 OK | 75 B |
URL GET HTTP/2flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=6c364edb-07f9-4772-8d2c-b2a87b48e820&fvst=1713418701&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=10&sid=2544&useg=&utyp=0&vfrq=6 IP104.21.50.90:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectflowcards.mrf.io FingerprintCD:D3:F7:18:EC:9C:A7:C1:6D:05:F1:5C:54:84:BD:27:EE:08:49:3F ValidityTue, 16 Apr 2024 05:29:37 GMT - Mon, 15 Jul 2024 05:29:36 GMT
Hash86fa40a699df8edead4fdc88e68ecf89 42c28cce3e35436cc7ad0486385ebe9ea944632f 4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50
GET /json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=6c364edb-07f9-4772-8d2c-b2a87b48e820&fvst=1713418701&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=10&sid=2544&useg=&utyp=0&vfrq=6 HTTP/1.1
Host: flowcards.mrf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:38:31 GMT
content-type: application/json; charset=utf-8
content-length: 75
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
x-envoy-upstream-service-time: 55
cf-cache-status: BYPASS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624f21c96856c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 162.19.96.13 | 200 OK | 2 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP162.19.96.13:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl13.k8s.mrf.io FingerprintF8:F3:2D:94:77:87:B5:6F:BF:63:1D:58:8B:32:3D:92:8E:24:63:38 ValidityMon, 11 Mar 2024 14:49:26 GMT - Sun, 09 Jun 2024 14:49:25 GMT
Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 848
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 18 Apr 2024 05:38:36 GMT
content-length: 2
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 162.19.96.13 | 200 OK | 2 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP162.19.96.13:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl13.k8s.mrf.io FingerprintF8:F3:2D:94:77:87:B5:6F:BF:63:1D:58:8B:32:3D:92:8E:24:63:38 ValidityMon, 11 Mar 2024 14:49:26 GMT - Sun, 09 Jun 2024 14:49:25 GMT
Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 848
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 18 Apr 2024 05:38:41 GMT
content-length: 2
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ | 141.193.213.11 | 200 OK | 151 kB |
URL User Request GET HTTP/2www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
Size151 kB (151016 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
link: <https://www.ghacks.net/wp-json/>; rel="https://api.w.org/", <https://www.ghacks.net/wp-json/wp/v2/posts/194771>; rel="alternate"; type="application/json", <https://www.ghacks.net/?p=194771>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 4
x-cache-group: normal
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87624ed56933b521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/tablepress-combined.min.css?ver=7 | 141.193.213.11 | 200 OK | 6.2 kB |
URL GET HTTP/3www.ghacks.net/wp-content/tablepress-combined.min.css?ver=7 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (6246), with no line terminators Hash8b5521ad075a12c55832f020b436e4cd 98dae794a2c78e0f57f8cbe37fc6d1c834b147fa bf180216fdfcd4098ee0c30421c1c55143be800f3b39e67ab29e31bf540bcef0
GET /wp-content/tablepress-combined.min.css?ver=7 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 08 Apr 2024 04:15:10 GMT
etag: W/"66136f4e-184e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed86b050afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 | 141.193.213.11 | 200 OK | 136 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJavaScript source, ASCII text, with very long lines (65281) Size136 kB (136235 bytes) Hash109e655465f9d245b3a1e362a0191de1 0e0f00c77214ae421645005171d1c8721f917670 d36ac645d9f3443fe2b4ee6306a14b305bc3d93f3ed72e913d067d02200e889c
GET /wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:36 GMT
etag: W/"654bda5c-2142b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261942
server: cloudflare
cf-ray: 87624ed8db6a0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 141.193.213.11 | 200 OK | 14 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJavaScript source, ASCII text, with very long lines (13479) Hash9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
etag: W/"6482bd64-3509"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed87b180afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 | 141.193.213.11 | 200 OK | 1.6 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (1599), with no line terminators Hash70f91a2b08190feff505484d662177a3 09a304715dd90ea73f87bd90eb429c97e4059405 5a6da8b217356a219a09169c66c162f2460915b6737c66b90b023285f3a12768
GET /wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:37 GMT
etag: W/"654bda5d-62b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed84ae80afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 | 141.193.213.11 | 200 OK | 15 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJavaScript source, ASCII text, with very long lines (14916) Hash5e7f7ff3266816dcc5f6788fa83937cf 8db62c96b2f6b45549e7aadf0fac75252a5b2949 f45cd9b233359f93287b58c02c16915e1af7c540f778a85752997c75b825505b
GET /wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:18 GMT
etag: W/"657fc71a-3a6f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261942
server: cloudflare
cf-ray: 87624ed8db690afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js | 141.193.213.11 | 200 OK | 30 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJavaScript source, ASCII text, with very long lines (21977), with CRLF line terminators Hash136c745e6d222776ff48f5baf3568739 def0672c6e899debea85b4bb0b4bbe3f09c9c315 554f3ff96cba4f2f33ff2c37c48282006ab24a85cf9ca0ac8b22b0a06126c1d4
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-73e0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed88b1f0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 | 141.193.213.11 | 200 OK | 838 B |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJavaScript source, ASCII text, with very long lines (898), with no line terminators Hashe54984c1349a2e08fc2fb047ef82ed5d 7953e56df0a1f5330cbbf865b13ae63c48b3289f 1eea5dc94ae2aacafcedf09f7e54d77d3ed9a60c21035551386a98b24955e6a2
GET /wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:54 GMT
etag: W/"657fc73e-346"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed87b1a0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 110 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
Size110 kB (110147 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
etag: W/"65b15ec4-1ae43"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed84ae40afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 141.193.213.11 | 200 OK | 88 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
etag: W/"64ecd5ef-15601"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed87b0f0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 | 141.193.213.11 | 200 OK | 871 B |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJavaScript source, ASCII text, with very long lines (893), with no line terminators Hash4a575beeab891c7e0c9c5aabf017af61 f17b0229a69419ee1a60b4bbdb8949f136f3c90b b46cef510a78ae4fa455975a4ba95a7971eef079b05ba3be196094cf887d92b6
GET /wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-367"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261942
server: cloudflare
cf-ray: 87624ed8db6c0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.privacy-center.org/sdk/0ba2e67e736e144a6d03110fc550c8374e639cab/modern/sdk.0ba2e67e736e144a6d03110fc550c8374e639cab.js | 54.230.111.89 | 200 OK | 346 kB |
URL GET HTTP/3sdk.privacy-center.org/sdk/0ba2e67e736e144a6d03110fc550c8374e639cab/modern/sdk.0ba2e67e736e144a6d03110fc550c8374e639cab.js IP54.230.111.89:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerAmazon Subject*.privacy-center.org Fingerprint1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B ValiditySun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
Size346 kB (346176 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/0ba2e67e736e144a6d03110fc550c8374e639cab/modern/sdk.0ba2e67e736e144a6d03110fc550c8374e639cab.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 69047
date: Wed, 17 Apr 2024 10:27:34 GMT
last-modified: Wed, 17 Apr 2024 10:27:17 GMT
etag: W/"fde1200c19de1876681d43ab5276ce84-1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DiNDv6vNXE-nq2mnrdFKQ110CkHaVpweLXvdJm9EppwwCu8FP5v9uw==
|
|
| www.ghacks.net/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 | 141.193.213.11 | 200 OK | 8.9 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (8922), with no line terminators Hashf997ab8b5d11afb85c9d3dde3a3e2f12 675d52d60ab0a2907bbb6a87d2093040958fb81b 506cddd8ab140dba8790b114bac2893f9e12c9ede5c7c8c4fe3edcde4927d232
GET /wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:33 GMT
etag: W/"654bda59-22aa"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed86b080afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.datadoghq-browser-agent.com/datadog-rum-v4.js | 54.230.83.119 | 200 OK | 153 kB |
URL GET HTTP/2www.datadoghq-browser-agent.com/datadog-rum-v4.js IP54.230.83.119:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.datadoghq-browser-agent.com Fingerprint8E:43:FD:49:B4:79:B9:C5:3C:18:E1:BA:9F:28:56:E8:C3:73:9A:C7 ValidityTue, 12 Dec 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Size153 kB (153156 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /datadog-rum-v4.js HTTP/1.1
Host: www.datadoghq-browser-agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 18 Apr 2024 05:38:20 GMT
cache-control: max-age=14400, s-maxage=60
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AuFAXX4nfSxRWsHrtQ3fl5fE_gZkAv0U4nEH4l6HaieW23_H02QKkw==
age: 36
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-includes/css/dashicons.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 59 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/css/dashicons.min.css?ver=6.4.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (58981) Hashd68d6bf519169d86e155bad0bed833f8 27ba9c67d0e775fc4e6dd62011daf4c3902698fc c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
GET /wp-includes/css/dashicons.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
etag: W/"603ffca6-e688"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed85afd0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 14 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (13353) Hash7e29eec1f366019442c2e0b4979cb161 7644bbdcbc0f8cf275cd7d6c7b0aa8b9b2bf932f 58bbd6a241262127ddef359bd0d40bcbb1d84b1218f35164bc8d0348b5e8ec20
GET /wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:36 GMT
etag: W/"654bda5c-3528"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed85af00afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 | 141.193.213.11 | 200 OK | 344 B |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeHTML document, ASCII text, with very long lines (356), with no line terminators Hash6ec6d67da3e14434b1f44c0274dd6426 cf3db60c5d16f64df4a71ef57a7a284dd53b68b6 d9d4801056836c4f0101417fe4b7ceb30c9444b350cf4ef5bc67f1dd57e66a99
GET /wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-158"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed85aff0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 | 141.193.213.11 | 200 OK | 11 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
Hash91954b488a9bfcade528d6ff5c7ce83f edf589eb28247c73ccc04e5b34ad107b90bd1b2e 6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 25 Mar 2024 04:31:53 GMT
etag: W/"6600fe39-2c7c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 259128
server: cloudflare
cf-ray: 87624ed8db6f0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 | 141.193.213.11 | 200 OK | 32 kB |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-7b08"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 259128
server: cloudflare
cf-ray: 87624ed86b020afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| notix.io/ent/current/enot.min.js | 139.45.197.227 | 200 OK | 145 kB |
URL GET HTTP/2notix.io/ent/current/enot.min.js IP139.45.197.227:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectnotix.io Fingerprint3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B ValiditySat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size145 kB (145421 bytes) Hash9a3ae56c31a58c28e606e1e069a21059 ea3cdfcda002044373d2090e1745f83a15b82d17 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
| Analyzer | Verdict | Alert |
|---|
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 11:17:39 GMT
etag: W/"65f18b53-2380d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 | 141.193.213.11 | 200 OK | 6.4 kB |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeUnicode text, UTF-8 text, with very long lines (6532), with no line terminators Hash820395478e46e88a5c526ae7d80659c3 74d172c64ae14947204d6bd4c684882eda8c5bd0 91765311b10376ca26258f0209b0da0685b54026e584347831f0efa515e464d1
GET /wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-18d0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 259128
server: cloudflare
cf-ray: 87624ed8db6e0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.js?ver=4.3.3 | 141.193.213.11 | 200 OK | 14 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.js?ver=4.3.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeJavaScript source, ASCII text Hash56505217427c901b6f0575c2867c413e 2868ee5680688d9741851f33523e1a8f17a02711 9b4025f4bec98ec14a9c917c4734cedc5ef0d527606b0336334c273bef8d19ad
GET /wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.js?ver=4.3.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Mar 2024 04:11:53 GMT
etag: W/"65f7bf09-361a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261942
server: cloudflare
cf-ray: 87624ed8db6b0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.mrf.io/statics/marfeel-sdk.js?id=2544 | 172.67.159.162 | 200 OK | 157 kB |
URL GET HTTP/2sdk.mrf.io/statics/marfeel-sdk.js?id=2544 IP172.67.159.162:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectsdk.mrf.io FingerprintE3:5F:E1:81:2C:18:A0:6B:1A:CF:FB:54:9E:3E:3F:A5:6C:31:E1:FE ValidityWed, 27 Mar 2024 00:15:55 GMT - Tue, 25 Jun 2024 00:15:54 GMT
Size157 kB (157377 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /statics/marfeel-sdk.js?id=2544 HTTP/1.1
Host: sdk.mrf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 42599
cache-control: max-age=1800
access-control-allow-origin: *
x-response-time: 13ms
content-encoding: gzip
x-envoy-upstream-service-time: 19
cf-cache-status: HIT
age: 242
last-modified: Thu, 18 Apr 2024 05:34:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87624edd3d9bb512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.btloader.com/mw/state?bt_env=prod | 130.211.23.194 | 204 No Content | 0 B |
URL GET HTTP/2api.btloader.com/mw/state?bt_env=prod IP130.211.23.194:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectapi.btloader.com Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Thu, 18 Apr 2024 05:38:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 | 141.193.213.11 | 200 OK | 1.4 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (1473), with no line terminators Hash2e336def6a6179c366ae7b5807f71230 fd798016e1b4de12c4bdb918808a44ba956d82ef da453daa00bd04b5837395427c6fc357970aa9b4154c9c57e971acc538f2327d
GET /wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:54 GMT
etag: W/"657fc73e-57b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed85af60afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/statics/px.gif | 141.193.213.11 | 404 Not Found | 548 B |
URL GET HTTP/3www.ghacks.net/statics/px.gif IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeHTML document, ASCII text, with very long lines (574), with no line terminators Hash5b3bd9705af8e4446f589e073b64d64c e25d724de194a431213080e10392963efc18ad75 ad8ec7fd0face5bd866b2a915cd34853cf60f18229acc156dfa99f5dd5d3c775
GET /statics/px.gif HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 87624edbad3f0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=6.4.3 | 141.193.213.11 | 200 OK | 3.0 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=6.4.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (3056), with no line terminators Hashdc7f90d513295c29acc441fe114a2cab ca9e5069d9afc4aa13ab2e152313dfb476e842ef f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /wp-includes/js/comment-reply.min.js?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-ba5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 259128
server: cloudflare
cf-ray: 87624ed8db6d0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/images/search-icon.svg | 141.193.213.11 | 200 OK | 894 B |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/images/search-icon.svg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeSVG Scalable Vector Graphics image Hash31ffae4dc3f9513b90cece58e109d074 3d9d4360489d8a2213ced78ea01d7299456ef5dc 11c7f674f5c8f6705071eeb9c4036f51243fc4e79c06ba784e92324fef1e4f94
GET /wp-content/themes/new-ghacks-preview/images/search-icon.svg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-37e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261942
server: cloudflare
cf-ray: 87624edbed830afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net | 54.230.111.89 | 200 OK | 58 kB |
URL GET HTTP/2sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net IP54.230.111.89:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerAmazon Subject*.privacy-center.org Fingerprint1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B ValiditySun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-amzn-requestid: 6f84b5a5-3e58-4387-8a95-ab80b660228f
x-didomi-configs-version: 101
x-amzn-trace-id: root=1-6620150f-16563d1825bfbb4916c1d787;parent=7408a86721f75119;sampled=0;lineage=eaae1266:0
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
content-encoding: br
date: Thu, 18 Apr 2024 04:14:42 GMT
cache-control: max-age=7200, public
etag: W/"864593fb6ebc8c46a73c871f7d434edc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bj8fsFk7VqeYQw7sEziZEchWBBfxiR50pQHeXK_yqiL0FTvF0Bv4aw==
age: 5018
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 | 141.193.213.11 | 200 OK | 8.0 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (8193), with no line terminators Hashd0b1eed64061803f153cd21d2d0c8b0d 7945b89f7f9431761433b169e44fff149157eee9 64b9ef49ce14cc0e3e5163c8023207bd0393932f673b27e23f4cd83d27116077
GET /wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:37 GMT
etag: W/"654bda5d-1f19"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed84aec0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/statics/dfp.js | 141.193.213.11 | 404 Not Found | 548 B |
URL GET HTTP/3www.ghacks.net/statics/dfp.js IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeHTML document, ASCII text, with very long lines (574), with no line terminators Hash5b3bd9705af8e4446f589e073b64d64c e25d724de194a431213080e10392963efc18ad75 ad8ec7fd0face5bd866b2a915cd34853cf60f18229acc156dfa99f5dd5d3c775
GET /statics/dfp.js HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 05:38:20 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 87624edbad3e0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 | 141.193.213.11 | 200 OK | 2.4 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (2705), with no line terminators Hash52b78c16f3448205252e13c78042da8e 25cc42371ff3e4c7d22ebfd79fb7e1bf7b46852b 25375b10fec2eb232f35f30fd4c9b78577d3cd0b98f775dc5da48607e85e4400
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-95c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed87b0d0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 | 141.193.213.11 | 200 OK | 978 B |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (999), with no line terminators Hashcb8c054c5cd8cfb0cba355a6ab0267b7 ad24e21c1d4093056fe3b9ea7f529cbb05a5e718 13bb6de7dfea9458b5a590c92fdb80a727356c1f91c557b1d030a2888cdd7369
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-3d2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261944
server: cloudflare
cf-ray: 87624ed87b0c0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 | 141.193.213.11 | 200 OK | 2.0 kB |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net FingerprintCF:BA:21:D0:88:97:3E:CA:DB:D6:2D:54:68:A6:FE:AE:C7:BA:4E:01 ValidityThu, 22 Feb 2024 10:30:44 GMT - Wed, 22 May 2024 10:30:43 GMT
File typeASCII text, with very long lines (2099), with no line terminators Hash82d65a4965205ef6700c742003e1050f 10616a26d306cc152543750ce1b6a8673aa12585 a5d6a71abbf8c8f90b1f9ab66118bd96d2c3bc9fd399b84a57a0129855287937
GET /wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=gvWSp0_kB1vDGasuiFKwYR0G2NY6lR4Evvqmqjs0.Bg-1713418699-1.0.1.1-oBn68GjlqaEkS4NBPgi9q4JhONRz4IKaxQS9WfEw7r2gi8o9YRxp60ApbgHur58LclwMA7Aj76B23MJtLx11Vw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:38:19 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-7d8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 261942
server: cloudflare
cf-ray: 87624ed8db670afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
0.0.0.0